Kubernetes, welcome to the coin mines. Crooks dig into open containers to craft crypto-cash

Swiping CPU cycles from Kubernetes container clusters to mine crypto-coins is the latest rage among cybercrooks.

So says Swiss security intelligence house BinaryEdge, which reckons it has spotted multiple instances of vulnerable clusters being taken over and then used to run scripts that mine cryptocurrencies for the attackers.

Malware - Tool - Hackers - Cash - People

While coin-mining malware has long been a popular tool for hackers to generate cash using other people's hardware, most of the attacks seen so far have focused on running mining code on victims' PCs or by injecting mining scripts into webpages on popular websites and stealing CPU cycles from everyone who visits.

Container clusters, however, could be an attractive target to scumbags as the machines powering the containers are usually servers with a lot of oomph which means more coins can be dug up per hour, and in a busy environment, it may not be easy to spot crafty coin-mining malware right away.

Vulnerability - Disclosures - Kubernetes - Security - Forefront

Although vulnerability disclosures have brought Kubernetes security to the forefront as of late, BinaryEdge says the attacks they are seeing are far simpler: many of the infected clusters required no exploit, but rather...